Vendors Not Able To Edit Their Profile

I've just bought Multi-vendor and so far I have no idea how to resolve this problem.



When I log in from the store front with the vendor's email I get “Error Access denited” on saving my profile changes.



When I log in with vendor's email through vendor.php, the profile fields are all disabled for editing.



Please help

Thanks.

Hello,



Please compare your actions with the Knowledge Base.



What version do you have?

Only administrator can edit the vendor's profile in 4.2.3.

Vendor can edit the information about the company.



To say the truth we didn't check it in 4.2.4. It is possible that CS-Cart has already fixed it in 4.2.4…



Best regards, Alt-team.

Thanks Alt-team,



I have the latest version 4.2.4.

To be honest I think it's silly not to let a vendor change their profile. This should be standard. Even PayPal allows that.

Imagine the load that this puts on the support when every time a vendor needs to change their password or a small profile detail.



I thought CS-Cart Multivendor was a mature product, but it looks to me that it suffers from very basic usability issues that you wouldn't expect from a premium-price product when basic support costs you money!



When I try to recover my password as a vendor, the link sent to my email logs me in, a message comes up saying that I can change my password, but all fields are disabled in my profile!



The dropdown menu under my profile has “Edit profile” linked to my profile, where the profile fields are disabled.



I'm going to give this a few more days and if I'm going to lose my support credit for fixing this issue, I'll get my money back before the 30 days.

[quote]When I log in from the store front with the vendor's email I get “Error Access denited” on saving my profile changes[/quote]



We reproduced the same issue on the CS-Cart demo (latest version)



[url=“http://demo.mv.cs-cart.com/”]Instant Demo - CS-Cart Multi-Vendor Demo Try Free for 15 days


[quote]When I log in with vendor's email through vendor.php, the profile fields are all disabled for editing.[/quote]



Yes, you are not able to edit vendor administrator accounts:



http://demo.mv.cs-ca…d=5&user_type=V



But the vendor can edit main account data:



http://demo.mv.cs-ca…te&company_id=1



Please contact CS-Cart team and inform them about this issue.

[quote]



But the vendor can edit main account data:



http://demo.mv.cs-ca…te&company_id=1



Please contact CS-Cart team and inform them about this issue.

[/quote]



If the email is the same for the vendor's account and the profile, this becomes yet another problem. Asking people to have two separate account is not a great idea in my experience.



I don't think this feature offers any necessary security benefits. Imagine if eBay did this!

Here's a fix from CS-cart support for those of you having the same problem.




  1. Open the app/functions/fn.users.php file of your installation.
  2. Replace the following part of code (starting on line 2598)
    $has_permissions = true;

    if ($auth['is_root'] == 'Y' && $auth['user_type'] == 'A') {
    $has_permissions = true;

    } elseif (isset($user_data['is_root'])) {
    if ($user_data['is_root'] == 'Y' && $auth['is_root'] != 'Y' && $user_data['user_type'] == 'A') {
    $has_permissions = false;

    } elseif ($auth['user_type'] == 'V' && $user_data['is_root'] == 'Y') {
    $has_permissions = false;
    }
    }


    with this one:
    $has_permissions = true;

    if ($auth['is_root'] == 'Y' && $auth['user_type'] == 'A') {
    $has_permissions = true;

    } elseif (isset($user_data['is_root'])) {
    if ($user_data['is_root'] == 'Y' && $auth['is_root'] != 'Y' && $user_data['user_type'] == 'A') {
    $has_permissions = false;

    } elseif ($auth['user_type'] == 'V' && $user_data['is_root'] == 'Y') {
    if ($auth['user_id'] != $user_data['user_id']) {
    $has_permissions = false;
    }
    }
    }

  3. Save the changes.

Could you please edit your last post and add code between [ CODE ] and [ /CODE ] tags (without spaces) ? Thank you for your time.

So far so good.

The patch seems to have fixed it all.



Thank again CS-Cart